<?php

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */

/**
 * Description of security
 *
 * @author xmxjq
 */
class Security extends CI_Controller {
    //put your code here
    public function __construct() {
        parent::__construct();
        
        $this->load->model('user_model');
        $this->load->model('user_lost_model');
    }
    
    public function verify_captcha() {
        $retJson = array();
        if ( $this->input->post('captcha') !== $_SESSION['captcha'] ) {
            $retJson['match'] = 0;
            $retJson['captcha'] = $_SESSION['captcha'];
        } else {
            $retJson['match'] = 1;            
            $retJson['captcha'] = $_SESSION['captcha'];
        }
        $this->output->set_content_type('application/json')
             ->set_output(json_encode($retJson));
    }
    
    
    public function sendVerifyEmail() {
        if ( $this->session->userdata('unverified_userinfo') != NULL ) {
            $userinfo = $this->session->userdata('unverified_userinfo');
            $this->load->helper('sendemail');
            sendVerifyEmail_helper($userinfo['email']);
            $data['title'] = '成功发送验证邮件';
            $data['message'] = '系统已经向您的注册邮箱中发送了验证邮件，请根据邮件中的指示进行下一步的操作，谢谢。';
        }
        else {
            $data['title'] = '发送验证邮件失败';
            $data['message'] = '链接可能是无效的，或者您可能尚未登录，请登录后使用本功能，也有可能您已经完成了邮箱验证无需再次发送。';
        }
        $this->load->view('header');
        $this->load->view('navbar');
        $this->load->view('message', $data);
        $this->load->view('footer');
    }
    
    public function verifyEmailAndCode($user_id = -1, $verifyCode = -1) {
        if( $user_id != -1 && $verifyCode != -1 && $verifyCode === $this->user_model->getVerifyEmailHashById($user_id) ) {
//            $this->user_model->setEmailVerifyFlag($user_id, 1);
//            $data['title'] = 'Email地址验证成功';
//            $data['message'] = '您已经成功地完成了邮箱的验证，请尽情享受本站的服务。';
            $data['user_id'] = $user_id;
            $data['verify_code'] = $verifyCode;
            $this->load->view('header');
            $this->load->view('navbar');
            $this->load->view('user_email_verify_form', $data);
            $this->load->view('footer');   
        }
        else {
            $data['title'] = 'Email地址验证失败';
            $data['message'] = '链接地址可能有错误，请您尝试重新发送验证邮件。';
            $this->load->view('header');
            $this->load->view('navbar');
            $this->load->view('message', $data);
            $this->load->view('footer');   
        }         
    }
    
    public function verify_and_update_user_info() {
        $retJson = array();
        $this->load->helper('util');
        $res = $this->user_model->login($this->input->post());
        if ($res === TRUE) {
            if( $this->_check_profile_data($this->input->post())) {         
                if( $this->input->post('year_of_birth') == NULL || checkbirthdate($this->input->post('year_of_birth')) ) {
                    $this->user_model->update($this->input->post('user_id'), "nickname", $this->input->post('nickname'));
                    $this->user_model->update($this->input->post('user_id'), "gender", $this->input->post('gender'));
                    $this->user_model->setEmailVerifyFlag($this->input->post('user_id'), 1);
                    $this->user_model->update_optional_info($this->input->post('user_id'), $this->input->post());    //更新选填项，没填就默认为空了
                    $this->user_model->refresh_session_with_user_id($this->input->post('user_id'));
                    $retJson['code'] = 1;
                }
                else {
                    $retJson['code'] = -2;
                    $retJson['error_message'] = "出生年份不合法";
                }
            }
            else {
                $retJson['code'] = -3;
                $retJson['error_message'] = "存在字段超过限制";
            }
        }
        else {
            $retJson['code'] = 0;
            $retJson['html'] = '密码输入错误！';
        }
        $this->output->set_content_type('application/json')
             ->set_output(json_encode($retJson));
    }
    
    public function verify_and_update_succeed() {
        $data['title'] = 'Email地址验证成功';
        $data['message'] = '您已经成功地完成了邮箱的验证，并完善了您的个人资料，现在您已经是本站尊贵的正式用户的一员了，请尽情享受本站的服务。';
        $this->load->view('header');
        $this->load->view('navbar');
        $this->load->view('message', $data);
        $this->load->view('footer');
    }
    
    public function find_pwd_form() {
        $this->load->view('header');       
        $this->load->view('navbar');
        $this->load->view('find_pwd_form');
        $this->load->view('footer');        
    }
    
    public function find_pwd_submit() {
        $email = $this->input->post('email');
        $originseed = ''.mt_rand().microtime();
        if ( $this->user_lost_model->new_request( $email, $originseed ) ) {
            $data['title'] = '成功发送重置密码邮件';
            $data['message'] = '系统已经记录下了您的重置密码的请求并向您的注册邮箱中发送了重置密码邮件，请根据邮件中的指示进行下一步的重置密码操作，谢谢。';
            $this->load->helper('sendemail');
            send_findpwd_email_helper( $email, $originseed );
        }
        else {
            $data['title'] = '发送重置密码邮件失败';
            $data['message'] = '由于系统中不存在该用户或者您输入的email地址有误，提交重置密码失败。';                  
        }
        $this->load->view('header');
        $this->load->view('navbar');
        $this->load->view('message', $data);
        $this->load->view('footer');
    }
    
    public function find_pwd_verify( $originseedhash = -1 ) {
        if ( $originseedhash != -1 && $this->user_lost_model->verify_originseedhash($originseedhash) ) {
            $data['originseedhash'] = $originseedhash;
            $this->load->view('header');
            $this->load->view('navbar');
            $this->load->view('find_pwd_set_form', $data);
            $this->load->view('footer');
        }
        else {
            $data['title'] = '验证失败';
            $data['message'] = '您使用的是无效的或者已经被使用过的密码重置链接，无法进行密码重置。';
            $this->load->view('header');
            $this->load->view('navbar');
            $this->load->view('message', $data);
            $this->load->view('footer');           
        }
    }
    
    public function find_pwd_commit( $originseedhash = -1 ) {
        if ( $originseedhash != -1 && $this->user_lost_model->verify_originseedhash($originseedhash) ) {
            $pw = $this->input->post('password');
            $salt = substr($pw, 32);
            $password = substr($pw, 0, 32);
            if ( $this->user_lost_model->change_pwd_by_originseedhash( $originseedhash, $password, $salt )) {
                $data['title'] = '成功重置密码';
                $data['message'] = '您已经成功地重置了您的密码。';
            }
            else {
                $data['title'] = '重置密码失败';
                $data['message'] = '出现了一些异常情况，无法进行密码重置，请您从头开始重新尝试。';
            }
        }
        else {
            $data['title'] = '验证失败';
            $data['message'] = '您使用的是无效的或者已经被使用过的密码重置链接，无法进行密码重置。';            
        }
        $this->load->view('header');
        $this->load->view('navbar');
        $this->load->view('message', $data);
        $this->load->view('footer');
    }
    
    private function _check_profile_data($info) {
        if( $info['living_place'] != NULL && mb_strlen($info['living_place'],'UTF-8') > 50 ) {
            return false;
        }
        else if( $info['is_single'] != NULL && $info['is_single'] > 2 ) {
            return false;
        }
        else if( $info['constel'] != NULL && $info['constel'] > 12 ) {
            return false;
        }
		else if ($info['qq_show'] != NULL && ((!is_numeric($info['qq_show']))||(mb_strlen($info['qq_show'],'UTF-8') < 5))){
            return false; //qq ：5 or more numbers
        }
		 else if ($info['email_show'] != NULL && !preg_match("/^[\w\-\.]+@[\w\-]+(\.\w+)+$/",$info['email_show'])) {
			return false;  //email ：regular expression
		}
        else {
            return true;
        }
    }
}

?>
